www.nytimes.com Open in urlscan Pro
151.101.65.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Submission: On February 02 via manual (February 2nd 2022, 12:34:11 am UTC) from RU — Scanned from DE

Summary HTTP 85 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 12 domains to perform 85 HTTP transactions. The main IP is 151.101.65.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 5529.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2013	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2013	15169 (GOOGLE) (GOOGLE)
2	143.204.215.121 143.204.215.121	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:9800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	54.165.118.4 54.165.118.4	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3037::6815:24db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
85	20

22 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-121.fra53.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.118.4 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-118-4.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3037::6815:24db (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 5529 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8544 a.et.nytimes.com — Cisco Umbrella Rank: 8432 als-svc.nytimes.com — Cisco Umbrella Rank: 11418 meter-svc.nytimes.com — Cisco Umbrella Rank: 11629 a.nytimes.com — Cisco Umbrella Rank: 10644 purr.nytimes.com — Cisco Umbrella Rank: 11275 dd.nytimes.com — Cisco Umbrella Rank: 11812 mwcm.nytimes.com — Cisco Umbrella Rank: 11904	627 KB
17	google.com news.google.com — Cisco Umbrella Rank: 5085 adservice.google.com — Cisco Umbrella Rank: 80 play.google.com — Cisco Umbrella Rank: 39	68 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 13165	149 KB
6	nyt.com g1.nyt.com — Cisco Umbrella Rank: 10279 a1.nyt.com — Cisco Umbrella Rank: 9506	91 KB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 9356 iteratehq.com — Cisco Umbrella Rank: 8367	274 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	129 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 10202	401 B
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 624	521 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8028	870 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1277	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	96 KB
85	12

	Domain	Requested by
13	a.et.nytimes.com	www.nytimes.com
11	www.nytimes.com	www.nytimes.com
8	news.google.com	www.nytimes.com news.google.com www.gstatic.com
7	play.google.com	www.gstatic.com
5	g1.nyt.com	www.nytimes.com g1.nyt.com
4	5290727.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.gstatic.com	news.google.com www.gstatic.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.nytimes.com
4	samizdat-graphql.nytimes.com	www.nytimes.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
2	iteratehq.com	platform.iteratehq.com
2	adservice.google.com	5290727.fls.doubleclick.net
2	pnytimes.chartbeat.net	www.nytimes.com
2	insight.adsrvr.org	www.nytimes.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
2	a.nytimes.com	www.nytimes.com
1	adservice.google.de	adservice.google.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	mwcm.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
85	26

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
nyt.qualtrics.com
nytimes.com
cn.nytimes.com
cooking.nytimes.com
timesmachine.nytimes.com
store.nytimes.com
nytlicensing.com
help.nytimes.com
nytimes.pressreader.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
a.et.nytimes.com GTS CA 1D4	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2022-01-10` - `2022-04-10`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-01-18` - `2022-04-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Frame ID: C5B17AFBD5F84ABC24F2927621E3C905
Requests: 61 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456600
Frame ID: 88C37BBBA729C5D6366BB69F04FAE652
Requests: 13 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest
Frame ID: 9B70F8A612CD464F8109C0DEE9B6F3F2
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest
Frame ID: 7DAE0A2E5E8F4554DFD93CFC18C76C02
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest
Frame ID: 4A353B65E035895BDB1F255E278505CB
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest
Frame ID: 03EEF00274F9CBA3764332773AD196B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New York Times - Search

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

85
Requests

100 %
HTTPS

60 %
IPv6

12
Domains

26
Subdomains

20
IPs

2
Countries

1470 kB
Transfer

4779 kB
Size

27
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsearch%253Fdropmab%253Dfalse%2526query%253Dhttp%253A%252F%252Ffreedirectory.xyz%2526sort%253Dbest&asset=masthead
Title: Log In

Search URL Search Domain Scan URL

URL: http://nyt.qualtrics.com/jfe/form/SV_ehZpyzWtbwO9HVj?v=a
Title: Have search feedback? Let us know what you think.

Search URL Search Domain Scan URL

URL: https://nytimes.com/privacy/privacy-policy#we-allow-for-personalized-advertising-on-times-services
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文网

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://timesmachine.nytimes.com/browser
Title: TimesMachine

Search URL Search Domain Scan URL

URL: https://store.nytimes.com/
Title: NYT Store

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/seg
Title: Manage My Account

Search URL Search Domain Scan URL

URL: https://nytlicensing.com/
Title: NYTLicensing

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/sections/115003859548-Apps
Title: Mobile Applications

Search URL Search Domain Scan URL

URL: https://nytimes.pressreader.com/
Title: Replica Edition

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest

Request Chain 64

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request search Show response
www.nytimes.com/ 111 KB
40 KB 50ms
9ms Document
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bdc926f318e517d36f61e44b1fc758211fa468b7b3fbf25880b113e2b6e6d975

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-b3-traceid: 32cb6b2fd02943afbed19055ecb14677
x-nyt-data-last-modified: Wed, 02 Feb 2022 00:33:19 GMT
last-modified: Wed, 02 Feb 2022 00:33:19 GMT
x-pagetype: vi-search
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-search
x-origin-time: 2022-02-02 00:33:19 UTC
accept-ranges: bytes
date: Wed, 02 Feb 2022 00:34:06 GMT
age: 47
x-served-by: cache-lga21966-LGA, cache-hhn4075-HHN
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1643762046.137544,VS0,VE3
vary: Accept-Encoding, Fastly-SSL
x-nyt-app-webview: 0
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/search?dropmab=false&query=http://freedirectory.xyz&sort=best
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload
x-nyt-edge-cache: MISS-HIT
content-length: 39954

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 22ms
7ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 9586278
x-guploader-uploadid: ADPycdvM_HxElX7psfISEsaNQfEgnO2Zgx5cmB4AGrFveWBc7tmn1KIO6XBFRxV4kkQJuoRY7wL5yZmwCuWxcKNne2c
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-hhn4075-HHN
accept-ranges: bytes
expires: Fri, 14 Oct 2022 01:42:47 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1643762046.180597,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 67294

GET
H2 200 global-a390e9d7a067927dd253742a2f0124d4.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 7ms
7ms Stylesheet
text/css 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 5439787
x-guploader-uploadid: ADPycdvggIeRZuYJgohiuEax_tuue-meUOh-eGVehwCxJR6nV8ToqVw9HH7pwbVF1YHvkPk0BcQwFJ_FqzLhfk6j3mgzJo7QfQ
x-goog-stored-content-encoding: identity
x-origin-time: 2021-12-01 01:30:59 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762046.166820,VS0,VE1
etag: "3571f7d1a0dfa9e747b201e07fd9492b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-a390e9d7a067927dd253742a2f0124d4.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 68246
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1978
last-modified: Wed, 01 Dec 2021 00:32:38 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=top12A==, md5=NXH30aDfqedHsgHgf9lJKw==
x-goog-generation: 1638312564791373
expires: Thu, 01 Dec 2022 01:30:59 GMT
x-gdpr: 1
x-goog-stored-content-length: 5676
accept-ranges: bytes

GET
H2 200 adslot-640b40fb675410cd242a.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
7 KB 9ms
8ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-640b40fb675410cd242a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9b451d3ea4e499f6e1df6c13782e71edb22edb6c28914c7f298561034ce82d85

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 425844
x-guploader-uploadid: ADPycds5SVB9GlvheVuOZO6wq2SHGDtdig8EyGoyF673kmLV3gU27op-1HUilLYifSAVjD3_MTzlYI5beyG1nyQAMQI
x-goog-stored-content-encoding: identity
x-origin-time: 2022-01-28 02:49:36 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762046.175562,VS0,VE2
etag: "1995e165d0dc4f67c9e33f1a0136c1d9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-640b40fb675410cd242a.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1248
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7132
last-modified: Thu, 27 Jan 2022 21:47:55 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=+7npGw==, md5=GZXhZdDcT2fJ4z8aATbB2Q==
x-goog-generation: 1643304232231814
expires: Sat, 28 Jan 2023 02:16:42 GMT
x-gdpr: 1
x-goog-stored-content-length: 20121
accept-ranges: bytes

GET
H2 200 vendor-6dabc659e9ccac9b6f00.js Show response
www.nytimes.com/vi-assets/static-assets/ 252 KB
77 KB 10ms
8ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 111299
x-guploader-uploadid: ADPycdsGSPIUQcU2dYDIKvqo-HdBPjDoP781tHgPAHwWsZc0-TZ1PI43r6fknDoWETqjjl6zQmgprYq1PQOHup9E9eWgBHPH3w
x-goog-stored-content-encoding: identity
x-origin-time: 2022-01-31 17:39:07 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762046.189892,VS0,VE1
etag: "8fc82adba8f7a20303f839ab3c923991"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6dabc659e9ccac9b6f00.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5204
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 77827
last-modified: Mon, 31 Jan 2022 17:10:50 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=Aei76Q==, md5=j8gq26j3ogMD+DmrPJI5kQ==
x-goog-generation: 1643649050257546
expires: Tue, 31 Jan 2023 17:39:06 GMT
x-gdpr: 1
x-goog-stored-content-length: 258452
accept-ranges: bytes

GET
H2 200 search-91acf538f24fbea9600f.js Show response
www.nytimes.com/vi-assets/static-assets/ 153 KB
39 KB 13ms
13ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/search-91acf538f24fbea9600f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

da43df7a618c6ecfd98b0c924aa9c057451a1853c0e146c5c9c88592a296229e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 381148
x-guploader-uploadid: ADPycdu-Nh4vm8Ujr8WPHFedATPjZfWJ2hwopme2BbbVgrxwC029V7qUghaoU47nOwf-L5rviAuafMM61fh83a-Tbto
x-goog-stored-content-encoding: identity
x-origin-time: 2022-01-28 14:41:38 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762046.190303,VS0,VE2
etag: "04577481e9761cae4989ac6a5a43c4dc"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/search-91acf538f24fbea9600f.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 520
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 39479
last-modified: Fri, 28 Jan 2022 14:11:57 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=YUgtBw==, md5=BFd0gel2HK5JiaxqWkPE3A==
x-goog-generation: 1643379117120650
expires: Sat, 28 Jan 2023 14:41:38 GMT
x-gdpr: 1
x-goog-stored-content-length: 156983
accept-ranges: bytes

GET
H2 200 main-08989f947ca86ea89e4c.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
360 KB 8ms
8ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-08989f947ca86ea89e4c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ff98b10e739cd61cf8b678fb1447c62a2df8e80591d7e8b513b7fc9edf0f2640

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 26301
x-guploader-uploadid: ADPycduZydBgto6z9u6j7_YmFPevowkaIGHb-WCZsJxACBhXaCQ2diJj88ns0nhgrrQU-RQ0MoC86DWHcyvJOVrPTYc
x-goog-stored-content-encoding: identity
x-origin-time: 2022-02-01 17:15:45 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762046.209232,VS0,VE1
etag: "4a75a3a774693f37e8b68a95eb12e2f1"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-08989f947ca86ea89e4c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 16
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 367479
last-modified: Tue, 01 Feb 2022 17:06:55 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=CSXHmw==, md5=SnWjp3RpPzfotoqV6xLi8Q==
x-goog-generation: 1643735215078176
expires: Wed, 01 Feb 2023 17:15:45 GMT
x-gdpr: 1
x-goog-stored-content-length: 1265750
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 360 KB
96 KB 136ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

798933e32618fcc0d5d176fbd094da833036059ed5c0a2c250229ff635a4b642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97878
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 37ms
14ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-e087ed5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
x-datadog-trace-id: 6118518f6a7c2cd4-5630ba35763b3ac3-0
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-e087ed5
x-b3-traceid: 6118518f6a7c2cd4-5630ba35763b3ac3-0
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Wed, 02 Feb 2022 00:34:06 GMT
age: 63
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: NW
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: afa1e26699a26c28
samizdat-x-instance: bb58c771
samizdat-x-canary: false
x-served-by: cache-hhn4049-HHN
x-cache: HIT
x-cache-hits: 2
x-timer: S1643762046.225771,VS0,VE1
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 255ms
141ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
834 B 111ms
110ms XHR
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-e087ed5 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 76bdf7db57ef2526-599e3c4575b044af-1
age: 0
x-cache: MISS
samizdat-x-instance: a59d9e8d
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 2f700bb5463f06a8
content-length: 123
samizdat-x-canary: false
x-nyt-continent: EU
server: samizdat-graphql-e087ed5
x-timer: S1643762046.239152,VS0,VE104
x-nyt-region: NW
x-served-by: cache-hhn4075-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 76bdf7db57ef2526-599e3c4575b044af-1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 142 KB
45 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2895e974220e0cd46c019c22556ee285f8d859b9fb766ae5519b759a359bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:52:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45049
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 17:16:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 00:42:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 141ms
49ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

413d6a64ecbfb5ad83e7ea4d1b670151741e78a16227ebb6adca391deaef3f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27277
x-xss-protection: 0
server: sffe
etag: "1119 / 557 of 1000 / last-modified: 1643756703"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 02 Feb 2022 00:34:06 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 2 KB
2 KB 190ms
135ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?url=https%3A%2F%2Fwww.nytimes.com%2Fsearch&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 7e1610317c422b8d7342875a8ae65b59c376bd78a6e4b6a8625b111f884d345c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:06 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1890

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 13ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Wed, 02 Feb 2022 00:34:06 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 10198310
x-guploader-uploadid: ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4049-HHN
accept-ranges: bytes
expires: Thu, 06 Oct 2022 23:42:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643762046.225950,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984052902
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 124913

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
6ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Wed, 02 Feb 2022 00:34:06 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 5444085
x-guploader-uploadid: ADPycdtX4MNbT6QPezVCT7YrY3yujYPe9pEU9CNfFp1wTobv5fHyXsHYBVGUJ_l1a3OVBc8t-akvK3w37GbgV4tKf-Y
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4049-HHN
accept-ranges: bytes
expires: Thu, 01 Dec 2022 00:19:20 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643762046.225886,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984061911
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 123426

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 8ms
8ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Wed, 02 Feb 2022 00:34:06 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 4919404
x-guploader-uploadid: ADPycdvguO2mx3sOr0sEItkbTCS6VYw5607ol5Cdjn4Ba5uNSxr3mAy1HlNnzDldObwTCkxXLsY9QZhRtA4fAdDDKUi9LXjaRw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4049-HHN
accept-ranges: bytes
expires: Wed, 07 Dec 2022 02:04:02 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643762046.226028,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983906454
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 107059

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6301c68dc12918911623.js Show response
www.nytimes.com/vi-assets/static-assets/ 46 KB
15 KB 11ms
11ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6301c68dc12918911623.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0f94885fd7c9cb7811f25ef40aae0e70111a6d2f346d3a38e531fd0ae906a0fa

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 423868
x-guploader-uploadid: ADPycdvKEP7OEwx8bUHFIbB37uGzEYQKQSH0hGgNgI_gB7GhCRakMp0Ort7PaHHNVjsTQHuNzaoNxSZ5hu9CDpcJCfI
x-goog-stored-content-encoding: identity
x-origin-time: 2022-01-28 02:49:38 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762046.382526,VS0,VE2
etag: "f2073b13685dcdf37d799c76ff033f98"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6301c68dc12918911623.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1160
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14574
last-modified: Thu, 27 Jan 2022 21:47:56 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=+gj7sA==, md5=8gc7E2hdzfN9eZx2/wM/mA==
x-goog-generation: 1643304233637431
expires: Sat, 28 Jan 2023 02:49:38 GMT
x-gdpr: 1
x-goog-stored-content-length: 47044
accept-ranges: bytes

GET
H2 200 vendors~search-753ae6aced9b764a0852.js Show response
www.nytimes.com/vi-assets/static-assets/ 43 KB
11 KB 9ms
9ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~search-753ae6aced9b764a0852.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

97975b77adab1bc3b7e2c7b638569e6c85e6a3621cbd12b43bd54552b5e4a88e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1226269
x-guploader-uploadid: ADPycdsRc3lEq0v9NaoIgM39GYJudgn1zqDZow9-jA0x0UamnAtniPZ9UGzTUdvj8yHk-57fgoHsEz2IzASp6TPEKZBiArCrzQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-01-18 19:56:17 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762046.382803,VS0,VE2
etag: "e7cf28305842f0f0adf39b378d918834"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~search-753ae6aced9b764a0852.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 438
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 9866
last-modified: Tue, 18 Jan 2022 19:54:12 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=Ln4KXA==, md5=588oMFhC8PCt85s3jZGINA==
x-goog-generation: 1642535652313695
expires: Wed, 18 Jan 2023 19:56:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 43601
accept-ranges: bytes

GET
H2 200 answerpage~bestsellers~hubpage~markets~privacy~reviews~search~timeswire~trending~weddings-1e898ce16712e06d865a.js Show response
www.nytimes.com/vi-assets/static-assets/ 37 KB
12 KB 10ms
10ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/answerpage~bestsellers~hubpage~markets~privacy~reviews~search~timeswire~trending~weddings-1e898ce16712e06d865a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9720259e389f5d8dcceb70d4a706fd7ce971ebed39398c11900bee7f3396425b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 111290
x-guploader-uploadid: ADPycdtPBl0kxmRhxt17LWSNTW_tp0jpn5l8OglCX1KoIs5LpidBuMTcFlrbKaKMQZPjapNdxryJazX4cbrg3hautzI
x-goog-stored-content-encoding: identity
x-origin-time: 2022-01-31 17:39:16 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762046.383195,VS0,VE1
etag: "0dfce01492ac7d4bdf1a4cac3f303a70"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/answerpage~bestsellers~hubpage~markets~privacy~reviews~search~timeswire~trending~weddings-1e898ce16712e06d865a.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2051
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 11300
last-modified: Mon, 31 Jan 2022 17:10:49 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=zgJ+7A==, md5=DfzgFJKsfUvfGkysPzA6cA==
x-goog-generation: 1643649049079497
expires: Tue, 31 Jan 2023 17:39:16 GMT
x-gdpr: 1
x-goog-stored-content-length: 38333
accept-ranges: bytes

GET
H2 200 pubads_impl_2022012701.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
120 KB 39ms
39ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 23:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122333
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Feb 2023 23:36:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
371 B 91ms
47ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 346
x-xss-protection: 0
expires: Wed, 02 Feb 2022 00:34:06 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-e087ed5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
x-datadog-trace-id: 12b9fc8498d5d1c-2c10485f4b4d7cb8-1
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-e087ed5
x-b3-traceid: 12b9fc8498d5d1c-2c10485f4b4d7cb8-1
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Wed, 02 Feb 2022 00:34:06 GMT
age: 0
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-region: NW
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: a0fce09d80029028
samizdat-x-instance: bb58c771
samizdat-x-canary: false
x-served-by: cache-hhn4049-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1643762047.500653,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
821 B 114ms
113ms XHR
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-08989f947ca86ea89e4c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-e087ed5 /
Resource Hash: b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 3ec8c708d6b78f4a-2c4784058134355f-1
x-cache: MISS
samizdat-x-instance: cd66c822
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: c4381e7d6a6a823f
via: 1.1 google, 1.1 varnish
samizdat-x-canary: false
x-nyt-region: NW
server: samizdat-graphql-e087ed5
x-timer: S1643762047.510135,VS0,VE105
x-nyt-continent: EU
x-served-by: cache-hhn4075-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-audience-target-flat: EU:AM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 3ec8c708d6b78f4a-2c4784058134355f-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 622 B
1 KB 254ms
196ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest&referer=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest&pageviewID=Y4zRFcN9oQ68G8xRD681EkVH
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-08989f947ca86ea89e4c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 6aeeb08ac54b95ab6df2cfbeddbb4185301fdea1eb49b3f550d2f6d62319d637

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:06 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 622

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 989 B
1 KB 720ms
618ms XHR
application/json 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsearch&jkcb=1643762046512
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-08989f947ca86ea89e4c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: bcaa6d939e01310f997c0a740d4df1c8a8cf5ebebd3ed28ea42c00df6a5d81eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: f0a9c5d35566a81eda693cca200231a5
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 514
expires: Wed, 02 Feb 2022 00:34:07 GMT

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 253ms
144ms Fetch
text/html 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-08989f947ca86ea89e4c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:06 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 591ca464b7f047c125e5ec72b68e74f0
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Wed, 02 Feb 2022 00:34:06 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 989 B
1 KB 366ms
265ms XHR
application/json 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&caller_id=nyt-vi&referrer=&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsearch&jkcb=1643762046514
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-08989f947ca86ea89e4c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 52bde2044af620b07753e8811e8e6e2af4b6958b03a9a067667de86452540f35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: gzip
x-appengine-log-flush-count: 0
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 6edf978d017212adea2ab1f3ade76b52
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 514
expires: Wed, 02 Feb 2022 00:34:06 GMT

GET
H2 200 franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 7ms
7ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Origin: https://www.nytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg==
date: Wed, 02 Feb 2022 00:34:06 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 5436487
x-guploader-uploadid: ADPycdvzcCfEtq6rQhQ7OVo_LbiYueAWtyvuoFYYxbGS147rQEL_tM0YbGPlwl3lsdxJCn0D8gc3sdeMM1OKD6NzCi8
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20212
x-served-by: cache-hhn4049-HHN
accept-ranges: bytes
expires: Thu, 01 Dec 2022 02:26:00 GMT
last-modified: Wed, 15 Sep 2021 19:43:04 GMT
server: UploadServer
x-timer: S1643762047.609911,VS0,VE0
etag: "abe1b34d5a429f8e034860c86c483446"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734984010934
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20212
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 102407

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 92ms
42ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 01:02:50 GMT

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 88C3 23 KB
7 KB 131ms
100ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=456600

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e5046c21e2ad4606d015dad23f41c23d2f4c94c40fb507b07598f0fbc16b661

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-ri7ztakLD6VsNDsLS5nUog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-ri7ztakLD6VsNDsLS5nUog' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 02 Feb 2022 00:34:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-ri7ztakLD6VsNDsLS5nUog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-ri7ztakLD6VsNDsLS5nUog' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 71ms
40ms Other
image/svg+xml 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 01:09:51 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 141ms
141ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 134ms
134ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 137ms
137ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 173ms
172ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 226 KB
41 KB 78ms
8ms Script
text/javascript 143.204.215.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-121.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

63c19371588c328be91e3988648d28d3dc13e987ead094a0165cec8d915f2ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "3882b-5d5788b58c148-gzip"
age: 1539
x-cache: Hit from cloudfront
content-length: 41784
access-control-allow-origin: *
last-modified: Thu, 13 Jan 2022 15:43:14 GMT
server: Apache
date: Wed, 02 Feb 2022 00:08:33 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 0HYeRBlewGfF3GFyFv5vlBJpSy0Dj4I7ae5e0zycQojmR-2IPA9NPA==
expires: Wed, 02 Feb 2022 01:08:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
38ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3552
date: Tue, 01 Feb 2022 23:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 02 Feb 2022 01:34:54 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 144ms
143ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 136ms
136ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 557ms
556ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
57 B 114ms
113ms Fetch
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 defaultSiteIndexData-8c8dc490fa766ee4ae12.js Show response
www.nytimes.com/vi-assets/static-assets/ 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/defaultSiteIndexData-8c8dc490fa766ee4ae12.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

869c8ffa7874a82c211a615cefca267eedd4520acecc678e78941e616527c6bb

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 455465
x-guploader-uploadid: ADPycduGVUS-IGkW7cPTleO5FPrbL3BfhnDDFnKW2mhpESKILIrvQMcZnMwvd1Z_8u6FkVt0k93w1ks1Dldj5QFSGkI
x-goog-stored-content-encoding: identity
x-origin-time: 2022-01-27 18:03:01 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762047.721538,VS0,VE1
etag: "8c7a5d241ddec3ca619cafce12ed231c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/defaultSiteIndexData-8c8dc490fa766ee4ae12.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 605
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1400
last-modified: Thu, 27 Jan 2022 17:23:52 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=51HQRg==, md5=jHpdJB3ew8phnK/OEu0jHA==
x-goog-generation: 1643304232135255
expires: Fri, 27 Jan 2023 18:03:01 GMT
x-gdpr: 1
x-goog-stored-content-length: 3914
accept-ranges: bytes

GET
H2 200 siteIndexContent-f9337b7dd45fe4d4e94d.js Show response
www.nytimes.com/vi-assets/static-assets/ 15 KB
5 KB 7ms
7ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/siteIndexContent-f9337b7dd45fe4d4e94d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3d78a99e4f4c53e2ed5437af69cf62e4d90b709e5fbf8a30690b2d5000204256

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1226269
x-guploader-uploadid: ADPycdtFiX22k5ZlatjaUWOCIVP3SQLiNmLQ6qxM9zZd-lvX6rbKPFJS1YrQqm-oS26vI99-VA1R_m3GnxwGTMFl1Ltbn8bOqw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-01-18 19:56:17 UTC
x-served-by: cache-hhn4075-HHN
x-timer: S1643762047.740840,VS0,VE1
etag: "a2facb03756aee7759f0958130678584"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/siteIndexContent-f9337b7dd45fe4d4e94d.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 550
date: Wed, 02 Feb 2022 00:34:06 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5118
last-modified: Tue, 18 Jan 2022 19:54:11 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload
x-goog-hash: crc32c=3dFnEA==, md5=ovrLA3Vq7ndZ8JWBMGeFhA==
x-goog-generation: 1642535651874541
expires: Wed, 18 Jan 2023 19:56:17 GMT
x-gdpr: 1
x-goog-stored-content-length: 15824
accept-ranges: bytes

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 88C3 0
24 B 100ms
99ms Other
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-026qELPCXDs0FSm7njaXRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-026qELPCXDs0FSm7njaXRA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456600
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 02 Feb 2022 00:34:06 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-026qELPCXDs0FSm7njaXRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-026qELPCXDs0FSm7njaXRA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
566 B 37ms
20ms XHR
application/json 143.204.215.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-121.fra53.r.cloudfront.net
Software: DataDome /
Resource Hash: c7c54925cf2a855076a5bdc48410185f4279624173b613b18b658b3e961f9dcd

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 00:34:06 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: gPwEvXiaYgYyVSL9cMCvfqYVdZLFiVF7PQWYXJp2lVjqqHwp-Cmm4w==
expires: 0

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 88C3 21 KB
6 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 01:02:50 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 88C3 161 KB
57 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5-O79uNtzthZ5jh-ba3Y62Z4w4dg/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c96dca645d7cdb6889e7deae3bc2ac76500e438d2b13d84e4cdf594fba23f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57949
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 02:57:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Wed, 01 Feb 2023 20:05:43 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 34 KB
6 KB 289ms
279ms Fetch
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?dropmab=false&query=http%3A%2F%2Ffreedirectory.xyz&sort=best&plat=web&mc=0&mr=1&ma=1&counted=false&granted=true&us=anon&context-type=&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-08989f947ca86ea89e4c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: dcc4f5d4fcbe6f019c8876e56b9a0337111d65bce0d48d0f946d38c093c44097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-hhn4075-HHN
expires: Wed, 02 Feb 2022 00:34:07 GMT
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","dock":"MAG_web_all_Monthly-Sale-dock","inlineUnit":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1643762047.857806,VS0,VE272
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 14b7bf621e9677ba04d4a1fb3c80a398
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 137ms
137ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 87ms
43ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=421098273&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsearch&dr=&ul=en-us&de=UTF-8&dt=The%20New%20York%20Times%20-%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dock&ea=impression&el=gdpr&ev=0&_u=YEBAAEABAAAAAC~&jid=947107980&gjid=1241803222&cid=1854412071.1643762047&tid=UA-58630905-2&_gid=1733677802.1643762047&_r=1&gtm=2wg1v0P528B3&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsearch&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest&cd3=%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest&cd9=9&cd14=null&cd21=Search&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd42=nyt-vi&cd48=null&cd49=&cd51=nyt-vi&cd52=&cd54=null&cd57=0&cd58=0&cd59=&cd60=&cd63=H6BrbvO5U970BcGehDT7UE&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=H6BrbvO5U970BcGehDT7UE&cd172=desktop&cd173=desktop&z=638101411

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 00:34:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 88C3 15 KB
16 KB 132ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 47761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 11:18:05 GMT

GET
H3

200

activityi;dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Df... Show response
5290727.fls.doubleclick.net/ Frame 9B70
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fww...

679 B
470 B

97ms
50ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

9a1ea5efba78d3b3207b021b1d51b5a4f2fc32a3a2698f03eb4eee1db8776137

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Feb 2022 00:34:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 445
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Feb 2022 00:34:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 33ms
7ms Script
application/x-javascript 2600:9000:2057:9800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 22:51:23 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 06:48:52 GMT
server: nginx
age: 6163
etag: W/"61f391d4-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: w0-QgAIQ6FJ8Mf4SrJVudQCsXxmCrQQ7WJIJzQiybIrjOFtSj4iKjw==
expires: Wed, 02 Feb 2022 00:51:23 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
635 B 16ms
6ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Wed, 02 Feb 2022 00:34:06 GMT
content-encoding: gzip
content-type: application/javascript
age: 74146
x-guploader-uploadid: ADPycdsibVoXQmfd_2bN94DYNLqt1DJtInYzNKiC2H0RY7L8wwJ89rTfbLZTZZzJ0YQC7bfkadEVWDLh0sGiDYJJaQ
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4075-HHN
accept-ranges: bytes
expires: Mon, 23 Aug 2021 07:13:52 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1643762047.930502,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 2142

POST
H2 200 track
a.et.nytimes.com/ 0
0 141ms
141ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
36ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=421098273&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsearch&dr=&ul=en-us&de=UTF-8&dt=The%20New%20York%20Times%20-%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1854412071.1643762047&tid=UA-58630905-2&_gid=1733677802.1643762047&gtm=2wg1v0P528B3&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsearch&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest&cd3=%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest&cd9=9&cd10=null&cd13=null&cd14=null&cd15=earned&cd16=referring_links&cd21=Search&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd37=0&cd42=nyt-vi&cd48=null&cd49=blurb_under_100&cd51=nyt-vi&cd52=&cd54=null&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=H6BrbvO5U970BcGehDT7UE&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=H6BrbvO5U970BcGehDT7UE&cd172=desktop&cd173=desktop&z=1762654975

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 21:23:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11418
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 103ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=2139557239
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 297ms
96ms Image
image/gif 54.165.118.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Fsearch&u=DbE2syCH2uRKDaRZ7i&d=nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=874&t=DN-WdoDLXsgdhz2HjxncFvKsVVG&V=129&i=The%20New%20York%20Times%20-%20Search&tz=0&_acct=anon&sn=1&sv=v2_NTCx-GJSB3T9JsBSMgUAKv3gj&sd=1&im=06070403&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.118.4 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-118-4.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.n8ftrlLZyh4.L.B1... Frame 88C3 37 KB
13 KB 87ms
40ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.n8ftrlLZyh4.L.B1.O/am=BAAQ/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4V3k0bFUPv3aNksxFtyRjBl3IDEA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/am=BAAQ/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5-O79uNtzthZ5jh-ba3Y62Z4w4dg/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9ba4b0f9a0b5a6cc5b219591a2a76b88ac48f708fa403ecb842544178c4df4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13650
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 02:57:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Wed, 01 Feb 2023 20:05:55 GMT

GET
H3 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.n8ftrlLZyh4.L.B1... Frame 88C3 104 KB
35 KB 94ms
51ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.n8ftrlLZyh4.L.B1.O/am=BAAQ/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4V3k0bFUPv3aNksxFtyRjBl3IDEA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9959bd8fb1de502f64f74ee7c58540a492fe099b9dd789fee4b44930022c6f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36048
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 02:57:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Wed, 01 Feb 2023 20:05:55 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 88C3 423 B
320 B 104ms
103ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=2591285600199163940&bl=boq_subscribewithgoogleclientserver_20220131.09_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=2048&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a442c88b95e2b9fb0beb698f3d97ee0f919d6e84b929448a6091e78788021fb4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.n8ftrlLZyh4.L.B1... Frame 88C3 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.uraJZwVP5GI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.n8ftrlLZyh4.L.B1.O/am=BAAQ/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI4V3k0bFUPv3aNksxFtyRjBl3IDEA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b74d9d0bf5383b518457e5f527095f711768833838ef8cfc39240ce490c0d9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7220
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 02:57:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Wed, 01 Feb 2023 20:05:55 GMT

GET
H2 200 dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26que... Show response
adservice.google.com/ddm/fls/i/ Frame 7DAE 678 B
914 B 177ms
77ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6270ca4613759eed5ce9a88406379a80c4f11972cd03108a6cb6ce302f9fc185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Feb 2022 00:34:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 445
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 log Show response
play.google.com/ Frame 88C3 131 B
672 B 138ms
49ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 02 Feb 2022 00:34:07 GMT

GET
H3

200

activityi;dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Df... Show response
5290727.fls.doubleclick.net/ Frame 4A35
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fww...

592 B
415 B

57ms
57ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

eb6628e0b8a30aa5d0362d95be282d463bc421ccd0aa17a41db54e9f77902624

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Feb 2022 00:34:07 GMT
expires: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Feb 2022 00:34:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 142ms
141ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
36ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 21:23:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11419
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 209ms
208ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1845072284
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
200 B 97ms
97ms Image
image/gif 54.165.118.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Fsearch&u=DbE2syCH2uRKDaRZ7i&d=nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&v=https%3A%2F%2Fnytimes.com%2Fsearch&vp=1&b=1175&t=DnVaHczhQXsBP7LC7Dx2-XCLphW1&V=129&z=t%3DDN-WdoDLXsgdhz2HjxncFvKsVVG%26E%3D0%26x%3D0%26c%3D0.01%26y%3D1200%26w%3D1200&i=The%20New%20York%20Times%20-%20Search&tz=0&_acct=anon&sn=1&sv=v2_NTCx-GJSB3T9JsBSMgUAKv3gj&sd=2&im=06870403&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.118.4 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-118-4.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 log Show response
play.google.com/ Frame 88C3 131 B
155 B 90ms
46ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 02 Feb 2022 00:34:07 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 126ms
45ms Preflight
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 02 Feb 2022 00:34:07 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 88C3 131 B
155 B 89ms
45ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 02 Feb 2022 00:34:07 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 126ms
45ms Preflight
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 02 Feb 2022 00:34:07 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 88C3 131 B
155 B 98ms
55ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 02 Feb 2022 00:34:07 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 125ms
46ms Preflight
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 02 Feb 2022 00:34:07 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: private

GET
H3 200 dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2F...
adservice.google.com/ddm/fls/z/ Frame 4A35 42 B
63 B 131ms
84ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLWvsefi3_UCFeXPEQgdUoMPLQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4953534959227;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 00:34:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26que... Show response
adservice.google.de/ddm/fls/i/ Frame 03EE 194 B
870 B 189ms
75ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKqDpOfi3_UCFRnUEQgdiwUN_A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5399189215362;gtm=2wg1v0;auiddc=10133778.1643762047;u17=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsearch%3Fdropmab%3Dfalse%26query%3Dhttp%3A%2F%2Ffreedirectory.xyz%26sort%3Dbest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Feb 2022 00:34:07 GMT
expires: Wed, 02 Feb 2022 00:34:07 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 .status
a.et.nytimes.com// 0
0 134ms
132ms Fetch
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 41ms
14ms Script
application/javascript 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3YMGWCWXQZ3B7HM1
x-amz-id-2: YJtxRwhW4ewM6B7Uz254aiaYyiyB6NxjrYW0E3WWTMe3q5g1VCNJmRBgpGJY97AnG/gu4/OMWXA=
last-modified: Tue, 21 Dec 2021 18:11:17 GMT
server: cloudflare
etag: W/"851a8e8d3ce808a979323f763dc260b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcyOX9Z2hFAMwdOTxoU2qpZT6JaeHXLGX%2FzEjbt3auda4WUVLEnrrmJkgXRMyr%2BaRV8HZEjXO54pTyq8BNyfhHUoTpETE%2B9beYa%2Faj1VOHef5WG6o%2B2g3t%2BH5GkiX3WVkNWJIfxmuiXM8yos2jFfUiJ4t9e9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6d6f54fdac6391db-FRA

GET
H3 200 sdk-prod-1d3c7a55760b4dff36c9.js Show response
platform.iteratehq.com/ 895 KB
260 KB 43ms
32ms Script
application/javascript 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 667768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KFZD22K1CTF72GER
x-amz-id-2: qXYKcXKP088u/44TPGDmCLFCqhN2MFN3B7/OscRzYs+P5adgaYvqarEMDZkbTbjc0jTiqeleJAU=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"1e60912655a5240d8ec79d1ef3a8098e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oktnlmwmRi9yhZiR%2BZOyWy%2B7irtP%2F85lx2Pk1II69wyprRl%2BZAX747dDhmnSuK4Mj%2Fd2G5%2B29CZltSAHTjbA9eNVSvlC2vDKSeOsVky1oUDCQNYgvWFMeOm2Kru7oocrp2AgHFg5GYeZpyDAd2iXb6uTk7Zl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6d6f54fddbf69090-FRA

GET
H3 200 style-2bdbffb0210cc2e386f1.css
platform.iteratehq.com/ 130 KB
12 KB 32ms
22ms Stylesheet
text/css 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/style-2bdbffb0210cc2e386f1.css

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 667768
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: KFZDEQVF327B81JZ
x-amz-id-2: xGxK5qyuN6AuHmEQKBXKrr/5m3G6anZThUzLrvPSQopgc6oCZDCUygKogyUxeF8TwMhWEsXark0=
last-modified: Tue, 21 Dec 2021 18:11:11 GMT
server: cloudflare
etag: W/"4737fd744e2551cae9a2bc8884efd7ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHethUMUtMIkNamEDzKPtMiLgvTfpWYxWlX5N9D0oEVqi1l%2BkmgStS9TBDYyjzsGef84Z6g8%2FH0%2F998VrVb1t62OmVxhYky0BhHpMfL6xH8pvql5dGkJa4GyfoP3%2Bid5Uj1wtas377jS8gRLy0RQD2iRk%2FN1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6d6f54fddbf89090-FRA

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 126ms
113ms Fetch
application/json 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-1d3c7a55760b4dff36c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6920f2a19cca0e9492d27dd3453a64063d2167a4411c10111fd54561c70ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Wed, 02 Feb 2022 00:34:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3b%2BI5ZJAqVdGYl8hwzOfhtEkeWHZcHzON9irQVP82%2F0vGycBNeuNpoDUR325UcOf31i2AWYnlvcqZvPvi%2FZCYa1oo8ZDsGI9BSXt97xPu6nQRSqnOFn8iAdyKWjUjvIT6O%2FoRXfpCDyHJjw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6d6f54ff989c91db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 132ms
105ms Preflight 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Feb 2022 00:34:07 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwA9%2Fv0sIVqvq21kP1SpO4GLvyGPObG7TVofLiO5s8ixU5pn24qUmxhwefNg3ckhee7Xdy%2FeGbqpiZYzWAFmghMl0HSiIOVOmXBAip135jtVmETqufrHbqd4qfTcZPZ9w2AxEXkQDPv6pc6J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 6d6f54feee9a9299-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 track
a.et.nytimes.com/ 0
0 143ms
142ms Ping
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/search?dropmab=false&query=http://freedirectory.xyz&sort=best
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 09:21:38	Name: nyt-a Value: H6BrbvO5U970BcGehDT7UE
.nytimes.com/	1970-01-20 00:36:23	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 09:21:38	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 35ed35daf76e468d9f20456377df4546
.et.nytimes.com/	1970-01-20 00:36:03	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 09:21:38	Name: sessionIndex Value: 1\|1643762046369\|H6BrbvO5U970BcGehDT7UE\|1643762046369
.et.nytimes.com/	1970-01-20 00:37:28	Name: et-ppvid Value: https://www.nytimes.com/search=Y4zRFcN9oQ68G8xRD681EkVH
.nytimes.com/	1970-01-21 20:25:28	Name: nyt-m Value: EC78615C75506D579DC8865C29C29D67&pr=l.4.0.0.0.0&prt=i.0&igf=i.0&n=i.2&igd=i.0&vp=i.0&imu=i.1&igu=i.1&ira=i.0&uuid=s.80745b4e-4056-4253-86ec-b66ae1189f00&g=i.0&iue=i.0&ier=i.0&ird=i.0&ft=i.0&e=i.1646125200&ica=i.0&ifv=i.0&imv=i.0&v=i.0&rc=i.0&er=i.1643762046&vr=l.4.0.0.0.0&fv=i.0&cav=i.0&iub=i.0&iga=i.0&t=i.1&iru=i.1&iir=i.0&s=s.core
.nytimes.com/	1970-01-20 10:05:32	Name: purr-cache Value: <K0<r<C_<G_<S0
.google.com/	1970-01-20 04:59:33	Name: NID Value: 511=BVivBRO6NM0Dk2Y_T3fifWgKO6SajN_bvuWYr8FQfBKfLOMHIOyq7JY7XVQpPIucaNMzjJdcIk9LdoAoO1Mkpkikjt2wNRZIE3ZeW9d3VuUmAlKn5u3XLPgxaCY4E0lEh-fJOAd12DOlGysqXv7VhL3iXbSvGy3GRuve17DyQZ4
.nytimes.com/	1970-01-20 18:07:14	Name: walley Value: GA1.2.1854412071.1643762047
.nytimes.com/	1970-01-20 00:37:28	Name: walley_gid Value: GA1.2.1733677802.1643762047
.nytimes.com/	1970-01-20 00:36:02	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-20 09:21:38	Name: datadome Value: 7NynBTYrYAPJVpY7_kieQU7d0jt2t.G~fvNu7faRUMGhV_McZ2SyV.R.eeN9xmOTqGbXWYgYsesg5__pSDwM7VsgSB82WTEp8Nb~xXRrjybpdNMjHUGH8Q4~Aroqd9v
.a.nytimes.com/	1970-01-20 09:21:38	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 00:37:26	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 00:37:26	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 02:45:38	Name: _gcl_au Value: 1.1.10133778.1643762047
www.nytimes.com/	1970-01-20 10:04:50	Name: _cb_ls Value: 1
www.nytimes.com/	1970-01-20 10:04:50	Name: _cb Value: DbE2syCH2uRKDaRZ7i
www.nytimes.com/	1970-01-20 00:36:03	Name: _cb_svref Value: null
.nytimes.com/	1970-01-20 00:45:05	Name: nyt-cmots Value: eyJmcmVxdWVuY3kiOnsiMjg2NTI1OTkzIjp7ImlubGluZVVuaXQiOnsiZiI6MSwicyI6MSwiZmMiOjE2NDM3NjIwNDcsInNjIjoxNjQzNzYyMDQ3LCJjYSI6MTY0Mzc2MjA0N319fX0=
.nytimes.com/	1970-01-20 09:21:38	Name: nyt-jkidd Value: uid=0&lastRequest=1643762047137&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1643762047137&isNew=1&pageIndex=1
www.nytimes.com/	1970-01-20 10:04:50	Name: _chartbeat2 Value: .1643762046957.1643762047266.1.v2_NTCx-GJSB3T9JsBSMgUAKv3gj.2
.doubleclick.net/	1970-01-20 09:57:38	Name: IDE Value: AHWqTUnjykC6fOqtC-EgTl9QYsBD0JFm7oEmeqN8_oup6WLmTidZ1GEnWoVb2gPG4HU
.nytimes.com/	1970-01-23 16:12:02	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MWY5ZDE3ZmU5ZDE5ODAwMDFkZWE4ZWIiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjQzNzYyMDQ3fQ.Jnuvp2FSNZK82fryUgYEDEgVBo-XTsQMqh9XDqXNIik

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 54) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 54) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 54) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x(Line 54) Message: Unrecognized feature: 'conversion-measurement'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
als-svc.nytimes.com
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nytimes.com
news.google.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
142.250.184.198
142.250.185.226
143.204.215.121
151.101.65.164
2600:9000:2057:9800:18:1fcd:34f:cdc1
2606:4700:3037::6815:24db
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2013
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2013
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
3.33.220.150
35.241.35.241
35.244.188.62
54.165.118.4
0340f4e646890d18ce9c556485402ccbe7ff764899602087a0d8022d11a4bef6
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0f94885fd7c9cb7811f25ef40aae0e70111a6d2f346d3a38e531fd0ae906a0fa
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab
3d6920f2a19cca0e9492d27dd3453a64063d2167a4411c10111fd54561c70ae2
3d78a99e4f4c53e2ed5437af69cf62e4d90b709e5fbf8a30690b2d5000204256
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
413d6a64ecbfb5ad83e7ea4d1b670151741e78a16227ebb6adca391deaef3f25
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c96dca645d7cdb6889e7deae3bc2ac76500e438d2b13d84e4cdf594fba23f03
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52bde2044af620b07753e8811e8e6e2af4b6958b03a9a067667de86452540f35
59e3a9dad73fc7c6b0b1a5eeecbb90e47a5ad61fd2d7419dd55b49d68c7d2f87
6114c7f137178e53a204653bbe961a0341ed3454a71153b3889e0ae6d0ebec5f
6270ca4613759eed5ce9a88406379a80c4f11972cd03108a6cb6ce302f9fc185
63c19371588c328be91e3988648d28d3dc13e987ead094a0165cec8d915f2ac2
6aeeb08ac54b95ab6df2cfbeddbb4185301fdea1eb49b3f550d2f6d62319d637
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
798933e32618fcc0d5d176fbd094da833036059ed5c0a2c250229ff635a4b642
7b74d9d0bf5383b518457e5f527095f711768833838ef8cfc39240ce490c0d9d
7e1610317c422b8d7342875a8ae65b59c376bd78a6e4b6a8625b111f884d345c
7e5046c21e2ad4606d015dad23f41c23d2f4c94c40fb507b07598f0fbc16b661
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
869c8ffa7874a82c211a615cefca267eedd4520acecc678e78941e616527c6bb
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
95bc30ee747b5f6aaa020d0848cd4390c346156e7103906bf0bb273147b632af
9720259e389f5d8dcceb70d4a706fd7ce971ebed39398c11900bee7f3396425b
97975b77adab1bc3b7e2c7b638569e6c85e6a3621cbd12b43bd54552b5e4a88e
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
9959bd8fb1de502f64f74ee7c58540a492fe099b9dd789fee4b44930022c6f90
9a1ea5efba78d3b3207b021b1d51b5a4f2fc32a3a2698f03eb4eee1db8776137
9b451d3ea4e499f6e1df6c13782e71edb22edb6c28914c7f298561034ce82d85
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a442c88b95e2b9fb0beb698f3d97ee0f919d6e84b929448a6091e78788021fb4
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b9ba4b0f9a0b5a6cc5b219591a2a76b88ac48f708fa403ecb842544178c4df4d
bcaa6d939e01310f997c0a740d4df1c8a8cf5ebebd3ed28ea42c00df6a5d81eb
bdc926f318e517d36f61e44b1fc758211fa468b7b3fbf25880b113e2b6e6d975
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c7c54925cf2a855076a5bdc48410185f4279624173b613b18b658b3e961f9dcd
ce2895e974220e0cd46c019c22556ee285f8d859b9fb766ae5519b759a359bb4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
da43df7a618c6ecfd98b0c924aa9c057451a1853c0e146c5c9c88592a296229e
dcc4f5d4fcbe6f019c8876e56b9a0337111d65bce0d48d0f946d38c093c44097
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6628e0b8a30aa5d0362d95be282d463bc421ccd0aa17a41db54e9f77902624
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f348468a5b39755c98091989fdafd4be48ccdbfaf75273cd4fd87333e43a7fda
f363bbbb9c92fc7de3f692ce3df694dfd78a71573bdf63cda6448b92e4934fa9
ff98b10e739cd61cf8b678fb1447c62a2df8e80591d7e8b513b7fc9edf0f2640

www.nytimes.com Open in urlscan Pro 151.101.65.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

100 %HTTPS

60 %IPv6

12 Domains

26 Subdomains

20 IPs

2 Countries

1470 kBTransfer

4779 kBSize

27 Cookies

21 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.65.164 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

100 %
HTTPS

60 %
IPv6

12
Domains

26
Subdomains

20
IPs

2
Countries

1470 kB
Transfer

4779 kB
Size

27
Cookies

85 HTTP transactions
0 data transactions